cancel
Showing results for 
Search instead for 
Did you mean: 

Is there a workaround to use multiple source IPs in one Realm when I merge roles?

Ruud_
Contributor

Is there a workaround to use multiple source IPs in one Realm when I merge roles?

I have realms with several roles where each role uses a different source IP.


 


I noticed the following in the user guide: 


If an end user is mapped to multiple roles and the IVE merges roles, the IVE


associates the source IP address configured for the first role in the list with the

merged role.

Is there really no way to use multiple source IPs in one realm when I merge roles?





1 REPLY 1
kenlars_
Super Contributor

Re: Is there a workaround to use multiple source IPs in one Realm when I merge roles?

I'm not sure I understand your question. 

All traffic for a session is initiated from a single address.  When roles are merged, the first role that the user is assigned to sets the source IP address for the session. 

Role merging is just what it says - the SA creates a merged role from the roles that the user is assigned to.  That merged role cannot have multiple source addresses - how would the SA know when to source the data from one address or the other?